Secure cross-account access with proper trust relationships.

• Use role assumption instead of sharing credentials
• Define strict trust policies limiting which principals can assume the role
• Require an External ID when granting access to third-party accounts